ForgeRock OpenAM 11.0.0 Integration

1. From the main OpenAM console, click on "Create Hosted Service Provider".

2. Fill in information on this page.

The metadata Name should already be filled out. The Circle of Trust name can be anything unique. Click on "Configure" in the upper right. OpenAM will confirm the creation of the SP and Circle of Trust.

6.1. SAML - General Tab

GridGuard requires non-self-signed certificates for the automatic refresh of the “ACS URL” and some of the other values. If any are empty, click on “Save Changes” at the top, and then re-select the SP.

Select the appropriate SAML Realm (e.g. “saml”) in the “Realm” drop-down.

Select which attribute is used as the Name Identifier (for AD, this is usually sAMAccountName, but this will depend on your OpenAM environment).

When finished, the page should look something like the screenshot above.